Repository: struts-site Updated Branches: refs/heads/asf-site b64eab8eb -> 29713114c
Updates production by Jenkins Project: http://git-wip-us.apache.org/repos/asf/struts-site/repo Commit: http://git-wip-us.apache.org/repos/asf/struts-site/commit/29713114 Tree: http://git-wip-us.apache.org/repos/asf/struts-site/tree/29713114 Diff: http://git-wip-us.apache.org/repos/asf/struts-site/diff/29713114 Branch: refs/heads/asf-site Commit: 29713114c2cd076deb44bfa1bbf3729cf6003f33 Parents: b64eab8 Author: jenkins <bui...@apache.org> Authored: Tue Sep 5 13:08:40 2017 +0000 Committer: jenkins <bui...@apache.org> Committed: Tue Sep 5 13:08:40 2017 +0000 ---------------------------------------------------------------------- content/announce.html | 65 +++++++++++++++++++++++++++++++++++++++++++++ content/download.html | 46 ++++++++++++++++---------------- content/downloads.html | 2 +- content/index.html | 10 +++---- 4 files changed, 94 insertions(+), 29 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/struts-site/blob/29713114/content/announce.html ---------------------------------------------------------------------- diff --git a/content/announce.html b/content/announce.html index 96c12ac..0158c00 100644 --- a/content/announce.html +++ b/content/announce.html @@ -127,6 +127,7 @@ <h1 class="no_toc" id="announcements">Announcements</h1> <ul id="markdown-toc"> + <li><a href="#a20170905" id="markdown-toc-a20170905">05 September 2017 - Struts 2.5.13 General Availability</a></li> <li><a href="#a20170809" id="markdown-toc-a20170809">09 August 2017 - S2-049 Security Bulletin update</a></li> <li><a href="#a20170707" id="markdown-toc-a20170707">07 July 2017 - Struts 2.3.33 General Availability</a></li> <li><a href="#a20170706" id="markdown-toc-a20170706">06 July 2017 - Struts 2.5.12 General Availability</a></li> @@ -142,6 +143,70 @@ Skip to: <a href="announce-2016.html">Announcements - 2016</a> </p> +<h4 id="a20170905">05 September 2017 - Struts 2.5.13 General Availability</h4> + +<p>The Apache Struts group is pleased to announce that Struts 2.5.13 is available as a âGeneral Availabilityâ +release. The GA designation is our highest quality grade.</p> + +<p>Apache Struts 2 is an elegant, extensible framework for creating enterprise-ready Java web applications. +The framework is designed to streamline the full development cycle, from building, to deploying, +to maintaining applications over time.</p> + +<p>This release contains fixes for the following potential security vulnerabilities:</p> + +<ul> + <li><a href="/docs/s2-050.html">S2-050</a> + A regular expression Denial of Service when using URLValidator (similar to S2-044 & S2-047)</li> + <li><a href="/docs/s2-051.html">S2-051</a> +A remote attacker may create a DoS attack by sending crafted xml request when using the Struts REST plugin</li> + <li><a href="/docs/s2-052.html">S2-052</a> +Possible Remote Code Execution attack when using the Struts REST plugin with XStream handler to handle XML payloads</li> +</ul> + +<p>Except the above this release also contains several improvements just to mention few of them:</p> + +<ul> + <li>Struts2 JSON Plugin: Send Map with Strings as Key to JSON Action is ignored, Numeric Keys will work and mapped</li> + <li>NP with TextProvider and wildcardmapping</li> + <li>Threads get blocked due to unnecessary synchronization in OgnlRuntime</li> + <li>Default Multipart validation regex is invalid</li> + <li>Not fully initialized ObjectFactory tries to create beans</li> + <li>http://struts.apache.org/dtds/struts-2.5.dtd missing</li> + <li>Set a global resource bundle in class</li> + <li>Override TextProvider doesnot work in struts 2.5.12</li> + <li>Array-of-null parameters are converted to string ânullâ</li> + <li>JakartaStreamMultiPartRequest Should Honor âstruts.multipart.maxSizeâ</li> + <li>Build Fails Due to Unused com.sun Import</li> + <li>Struts2.5.12 - NPE in DeligatingValidatorContext</li> + <li>Struts 2 Fails to Initialize with JRebel</li> + <li>Allow define more than one Action suffix</li> + <li>Remove jQuery from debugging interceptor views</li> + <li>update dependencies page on the struts site</li> + <li>Improve RegEx used to validate URLs</li> + <li>Make REST ContentHandlers configurable</li> + <li>expose Freemarker incompatible_improvements into FreemarkerManager and StrutsBeansWrapper</li> + <li>Upgrade Commons Collections to 3.2.2</li> + <li>Upgrade Commons IO to 2.5</li> + <li>Upgrade to ASM version 5.2</li> + <li>Upgrade to OGNL 3.1.15</li> + <li>Upgrade xstream to the latest version</li> + <li>Upgrade to struts-master 11</li> +</ul> + +<blockquote> + <p>Please read the <a href="/docs/version-notes-2513.html">Version Notes</a> to find more details about performed bug fixes and improvements.</p> +</blockquote> + +<p><strong>All developers are strongly advised to perform this action.</strong></p> + +<p>The 2.5.x series of the Apache Struts framework has a minimum requirement of the following specification versions: +Servlet API 2.4, JSP API 2.0, and Java 7.</p> + +<p>Should any issues arise with your use of any version of the Struts framework, please post your comments +to the user list, and, if appropriate, file a tracking ticket.</p> + +<p>You can download this version from our <a href="download.cgi#struts-ga">download</a> page.</p> + <h4 id="a20170809">09 August 2017 - S2-049 Security Bulletin update</h4> <p>This is an update of the recently announced Security Bulletin - <a href="/docs/s2-049.html">S2-049</a>.</p> http://git-wip-us.apache.org/repos/asf/struts-site/blob/29713114/content/download.html ---------------------------------------------------------------------- diff --git a/content/download.html b/content/download.html index 6a39e13..a6c20f4 100644 --- a/content/download.html +++ b/content/download.html @@ -183,27 +183,27 @@ <h1>Full Releases</h1> <a class="anchor" name="struts-ga"></a> -<a class="anchor" name="struts2512"></a> -<h2>Struts 2.5.12</h2> +<a class="anchor" name="struts2513"></a> +<h2>Struts 2.5.13</h2> <p> - <a href="http://struts.apache.org/">Apache Struts 2.5.12</a> is an elegant, extensible + <a href="http://struts.apache.org/">Apache Struts 2.5.13</a> is an elegant, extensible framework for creating enterprise-ready Java web applications. It is available in a full distribution, or as separate library, source, example and documentation distributions. - Struts 2.5.12 is the "best available" version of Struts in the 2.5 series. + Struts 2.5.13 is the "best available" version of Struts in the 2.5 series. </p> <ul> <li> - <a href="http://struts.apache.org/docs/version-notes-2512.html">Version Notes</a> + <a href="http://struts.apache.org/docs/version-notes-2513.html">Version Notes</a> </li> <li>Full Distribution: <ul> <li> - <a href="[preferred]struts/2.5.12/struts-2.5.12-all.zip">struts-2.5.12-all.zip</a> (65MB) - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-all.zip.asc">PGP</a>] - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-all.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.13/struts-2.5.13-all.zip">struts-2.5.13-all.zip</a> (65MB) + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-all.zip.asc">PGP</a>] + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-all.zip.md5">MD5</a>] </li> </ul> </li> @@ -211,9 +211,9 @@ <li>Example Applications: <ul> <li> - <a href="[preferred]struts/2.5.12/struts-2.5.12-apps.zip">struts-2.5.12-apps.zip</a> (35MB) - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-apps.zip.asc">PGP</a>] - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-apps.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.13/struts-2.5.13-apps.zip">struts-2.5.13-apps.zip</a> (35MB) + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-apps.zip.asc">PGP</a>] + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-apps.zip.md5">MD5</a>] </li> </ul> </li> @@ -221,9 +221,9 @@ <li>Essential Dependencies Only: <ul> <li> - <a href="[preferred]struts/2.5.12/struts-2.5.12-min-lib.zip">struts-2.5.12-min-lib.zip</a> (4MB) - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-min-lib.zip.asc">PGP</a>] - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-min-lib.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.13/struts-2.5.13-min-lib.zip">struts-2.5.13-min-lib.zip</a> (4MB) + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-min-lib.zip.asc">PGP</a>] + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-min-lib.zip.md5">MD5</a>] </li> </ul> </li> @@ -231,9 +231,9 @@ <li>All Dependencies: <ul> <li> - <a href="[preferred]struts/2.5.12/struts-2.5.12-lib.zip">struts-2.5.12-lib.zip</a> (19MB) - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-lib.zip.asc">PGP</a>] - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-lib.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.13/struts-2.5.13-lib.zip">struts-2.5.13-lib.zip</a> (19MB) + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-lib.zip.asc">PGP</a>] + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-lib.zip.md5">MD5</a>] </li> </ul> </li> @@ -241,9 +241,9 @@ <li>Documentation: <ul> <li> - <a href="[preferred]struts/2.5.12/struts-2.5.12-docs.zip">struts-2.5.12-docs.zip</a> (13MB) - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-docs.zip.asc">PGP</a>] - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-docs.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.13/struts-2.5.13-docs.zip">struts-2.5.13-docs.zip</a> (13MB) + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-docs.zip.asc">PGP</a>] + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-docs.zip.md5">MD5</a>] </li> </ul> </li> @@ -251,9 +251,9 @@ <li>Source: <ul> <li> - <a href="[preferred]struts/2.5.12/struts-2.5.12-src.zip">struts-2.5.12-src.zip</a> (7MB) - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-src.zip.asc">PGP</a>] - [<a href="http://www.apache.org/dist/struts/2.5.12/struts-2.5.12-src.zip.md5">MD5</a>] + <a href="[preferred]struts/2.5.13/struts-2.5.13-src.zip">struts-2.5.13-src.zip</a> (7MB) + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-src.zip.asc">PGP</a>] + [<a href="http://www.apache.org/dist/struts/2.5.13/struts-2.5.13-src.zip.md5">MD5</a>] </li> </ul> </li> http://git-wip-us.apache.org/repos/asf/struts-site/blob/29713114/content/downloads.html ---------------------------------------------------------------------- diff --git a/content/downloads.html b/content/downloads.html index 23b0cb3..34dda9f 100644 --- a/content/downloads.html +++ b/content/downloads.html @@ -143,7 +143,7 @@ <ul> <li> <a href="http://struts.apache.org/download.cgi#struts-ga"> - Struts 2.5.12 + Struts 2.5.13 </a> ("best available") </li> </ul> http://git-wip-us.apache.org/repos/asf/struts-site/blob/29713114/content/index.html ---------------------------------------------------------------------- diff --git a/content/index.html b/content/index.html index a423d85..80fc198 100644 --- a/content/index.html +++ b/content/index.html @@ -129,7 +129,7 @@ extensible using a plugin architecture, and ships with plugins to support REST, AJAX and JSON. </p> - <a href="download.cgi#struts2512" class="btn btn-primary btn-large"> + <a href="download.cgi#struts2513" class="btn btn-primary btn-large"> <img src="img/download-icon.svg"> Download </a> <a href="primer.html" class="btn btn-info btn-large"> @@ -149,12 +149,12 @@ </p> </div> <div class="column col-md-4"> - <h2>Apache Struts 2.5.12 GA</h2> + <h2>Apache Struts 2.5.13 GA</h2> <p> - Apache Struts 2.5.12 GA has been released<br/>on 06 July 2017. + Apache Struts 2.5.13 GA has been released<br/>on 05 September 2017. </p> - Read more in <a href="announce.html#a20170706">Announcement</a> or in - <a href="/docs/version-notes-2512.html">Version notes</a> + Read more in <a href="announce.html#a20170905">Announcement</a> or in + <a href="/docs/version-notes-2513.html">Version notes</a> </div> <div class="column col-md-4"> <h2>Apache Struts 2.3.33 GA</h2>